MR1035-1483 

Serial Number: 09/814,320 

Response to Office Action dated 21 September 2004 

AMENDMENTS TO THE CLAIMS 
This listing of Claims will replace all prior versions, and listings, of Claims in the 
Application. 

Listing of Claims: 

Claim 1 (Currently amended): A method for determining the integrity of an 
application program running under an operating system on a computer system 
having a memory, said application program having at l e ast a data portion r e siding 
in th e m e mory, the method comprising the steps of: 

(a) pre-allocating one or more segments in the memory for at least a 
said data portion of the application program ; 

(b) inserting tables in said data portion segm e nts ; 

(c) building the e x e cuting said application program on said computer 
system using an op e rating syst e m, said application program produc e d by the steps 
of: 

(cl) providing a linker operable to associate addresses across 
relocatable modules and further operable to output relocation data stored in said 
relocatable modules; 

(c2) (e±) linking via said linker one or more relocatable object 
modules with one or more libraries and other object modules to form an 
intermediate executable module, said relocatable object modules being pre- 
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compiled, and said libraries and said other object modules comprising including 
said relocation data^ 

(c3) teZ) selecting addresses of portions of said libraries and 
said other object modules linked to said intermediate executable module by 
examining during said linking step said relocation data output by said linker te 
det e rmin e s e l e ct e d addr e ss e s, said s e l e ct e d addr e ss e s corr e sponding to addr e ss 
locations in said s e gm e nts,; 

(c4) (e3) storing said selected addresses in said tables ? ; 

(c5) (e4) storing a default address of a selected subprogram of 
said intermediate executable module in said data portion^; and 

(c6) (e§) loading said libraries and said other object modules 
in said memory to transform said intermediate executable module into said the 
application program executabl e by said comput e r syst e m ; 

(d) executing the application program under the operating system of 
the computer system, said tables being retained in said at least one data portion 
during said application program execution; 

(e) (d) determining a reference address associated with said selected 
subprogram at any time after the run time for said application program begins 
execution ; 

(f) (e) comparing said reference address with said default address; 

and^ 
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(g) (f) executing a security application or module to verify the 
integrity of the application program at addresses determined from to d e t e rmin e 
said int e grity of said application program bas e d on said reference address and said 
selected addresses in said tables. 

Claim 2 (Currently amended): The method of claim 1, wherein said 
addresses determined in said security application or module executing step (g) (f) 
uses is said reference address if said reference address is equal to said default 
address. 

Claim 3 (Currently amended): The method of claim 1, further comprising 
including the step of computing a substitute address by offsetting memory 
locations of said selected addresses stored in said tables for every selected address. 

Claim 4 (Currently amended): The method of claim 3, wherein said derived 
address in said security application or module executing step (g) (f) us e s is said 
substitute address if said reference address is unequal to said default address. 

Claim 5 (Currently amended): The method of claim 3 5 wh e r e in said 

\ 

s e l e ct e d addr e sses ar e offs e t further including the step of updating said tables by 
adding or subtracting an offset value to said selected addresses stored therein . 
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Claim 6 (Original): The method of claim 1, wherein said selected addresses 
are selected from a group consisting of memory references and jump target 
addresses, and said subprograms are selected from a group consisting of functions, 
subroutines, procedures and libraries. 

Claim 7 (Currently amended): The method of claim 1, wherein said security 
application is computes a checksum application . 

Claim 8 (Currently amended): The method of claim 1, wherein said security 
application executes a decryption algorithm on d e crypts previously encrypted data. 

Claim 9 (Currently amended): The method of claim 8, wh e r e in said data is 
e ncrypt e d whil e said tabl e s ar e being ins e rt e d further including the step of 
encrypting at least one code segment or data segment of the application program 
simultaneously with said table inserting step (b) . 

Claim 10 (Currently amended): The method of claim + 9, wherein said 
application program compris e s includes encrypted data residing on a DVD digital 
versatile disk. 
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Claim 1 1 (Currently amended): A computer system, comprising: 
a central processing unit; 

memory accessible by the central processing unit; 

a program code translator for building an application program, said 
program code translator executable on said central processing unit and within said 
memory and including an application program loader and a program code linker, 
said linker operable to associate addresses across relocatable software modules 
and further operable to output relocation data stored in said relocatable modules; 

at least one application program built by said program code 
translator and executable on said central processing unit and within said memory^ 
said application program including at least one data segment having formed 
therein at least one address table, said address table having stored therein selected 
addresses of program code from one or more relocatable object modules as linked 
together by said linker, said selected addresses determined from said relocation 
data stored in said one or more relocatable object modules as output by said linker ; 
and A 

a security application executing a security algorithm on said program code 
at addresses determined from a reference address of a previously selected 
subprogram of said program code and said relocation data stored in said table, said 
security application operable to access said table while said application program is 
executing moans for det e rmining th e int e grity of said application program 
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according to a m e thod as d e scrib e d in claim 1 . 

Claim 12 (Currently amended): The computer system of claim 1 1, wherein 
said st e p of e x e cuting a security application uses is operable to access said 
program code at memory locations based solely on said reference address if said 
reference address is equal to said a default address of said previously selected 
subprogram . 

Claim 13 (Currently amended): The computer system of claim 1 1, furth e r 
comprising the st e p of computing wherein said central processing unit is operable 
to compute a substitute address for every said selected address stored in said table 
by offsetting memory locations of said selected addresses stored therein in said 
tabl e s for e v e ry said sel e ct e d addr e ss . 

Claim 14 (Currently amended): The computer system of claim 11, further 
comprising th e st e p of storing including a data compressor/encryptor operable to 
store said selected addresses in a compressed and encrypted format in said tables. 

Claim 15 (Currently amended): The computer system of claim 13, wherein 
said st e p of e x e cuting a security application is operable to access said program 
code at memory locations based on using said substitute address if said reference 
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address is unequal to said a default address of said previously selected 

subprogram . 

Claim 16 (Currently amended): The computer system of claim 44 29, 
wherein said application program compris e s includes encrypted data residing on a 
DVD digital versatile disk. 

Claim 17 (Currently amended): A computer readable medium having 
computer-executable instructions, which when executed on a computer system, 
causes said computer system to determine the integrity of an application program 
running under an operating system on said computer system, said application 
program having at l e ast a data portion r e siding in m e mory , said computer- 
executable instructions causing said computer system to perform the steps of: 

(a) pfe-allocating one or more segments in the memory for at least a 
said data portion of the application program ; 

(b) inserting tables in said data portion segm e nts ; 

(c) building the executing said application program on said computer 
system using an operating system, said application program produc e d by: 

(cl) linking via a program code linker one or more 
relocatable object modules with one or more libraries and other object modules to 
form an intermediate executable module, said relocatable object modules being 



Page 8 of 27 



MR1035-1483 

Serial Number: 09/814,320 

Response to Office Action dated 21 September 2004 

pre-compiled, and said libraries and said other object modules comprising 
including relocation data, said program code linker operable to output said 
relocation data; 

(c2) selecting addresses of portions of said libraries and said 
other object modules linked to said intermediate executable module by examining 
during said linking step said relocation data output by said program code linker te 
d e t e rmin e s e l e ct e d addr e ss e s, said s e l e ct e d addr e ss e s corr e sponding to addr e ss 
locations in said s e gm e nts,; 

(c3) storing said selected addresses in said tables^; 

(c4) storing a default address of a selected subprogram of said 
intermediate executable module in said data portion^; and 

(c5) loading said libraries and said other object modules to 
transform said intermediate executable module into said the application program 
e x e cutabl e by said comput e r syst e m ; 

(d) executing the application program under the operating system, 
said tables being retained in said data portion during said application program 
execution; 

(e) (d) determining a reference address associated with said selected 
subprogram at any time after the run time of said application program begins 
execution ; 

(f) (e) comparing said reference address with said default address; 



Page 9 of 27 



MR1035-1483 

Serial Number: 09/814,320 

Response to Office Action dated 21 September 2004 
and^ 

(g) (f) executing a security application or module to verify the 
integrity of the application program at addresses determined from det e rmin e said 
int e grity of said application program bas e d on said reference address and said 
selected addresses in said tables. 

Claim 18 (Currently amended): The computer readable medium of claim 
17, wherein the computer-executable instructions stored thereon causes said 
computer system to further comprising perform the step of computing a substitute 
address by offsetting memory locations of said selected addresses stored in said 
tables for every said selected address, said step of executing a security application 
being based on using said substitute address if said reference address is unequal to 
said default address. 

Claim 19 (Currently amended): The computer readable medium of claim 
17, wherein addresses determined in said security application or module executing 
said step (g) (f) is bas e d on using said reference address if said reference address is 
equal to said default address. 
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Claim 20 (Currently amended): A method for determining the integrity of a 
relocatable application program executable on a computer system, said the 
application program being generated from one or more pre-compiled object files, 
said the computer system including memory and said the application program 
having at least a data space residing in said the memory, said the method 
comprising the steps of: 

(a) inserting tables into pre-allocated memory segments residing in 
said the data space; 

(b) examining relocation data for selected addresses when said the 
pre-compiled object files are linked by a program code linker and load e d with one 
or more libraries and other object files and loaded into the memory, said program 
code linker operable to output relocation data stored in relocatable object modules 
and libraries , said libraries and said other object files comprising having said 
relocation data stored therein, said relocation data examination being of said 
relocation data stored in said pre-compiled object files and said one or more 
libraries upon output by said program code linker ; 

(c) storing said selected addresses in said tables; 

(d) storing a default address in said the data space, said default 
address being associated with a point of reference within said the pre-complied 
object files , said libraries and said other object files, said tables and said default 
address being retained in the data space until the application program is unloaded 
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from the memory ; 

(e) determining a reference address from said the application 
program at run-time, said reference address corresponding to said point of 
reference; 

(f) comparing said reference address with said default address; and 

(g) performing a checksum to determine said the integrity of said the 
application program at addresses determined from bas e d on said reference address 
and said selected addresses in said tables. 

Claim 21 (Currently amended): The method of claim 20, wherein said step 
of performing a checksum is based on using said reference address to access the 
application program if said reference address is equal to said default address. 

Claim 22 (Currently amended): The method of claim 20, wherein said step 
of performing a checksum is based on using a substitute address to access the 
a pplication program if said reference address is unequal to said default address, 
said substitute address being computed by offsetting memory locations of selected 
addresses for every selected address. 

Claim 23 (Original): The method of claim 22, wherein said offsetting is 
done by subtraction or addition. 
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Claim 24 (Currently amended): The method of claim 20, wherein said 
application program compris e s includes encrypted data residing on a DVD digital 
versatile disk. 

Claim 25 (Currently amended): A computer readable medium having 
computer-executable instructions, which when executed on a computer system 
may encrypt and/or decrypt a portion of an application program enabled to run 
under an operating system on said the computer system, and causes said the 
computer system to determine the integrity of said the application program having 
at l e ast a data portion residing in memory, said the computer-executable 
instructions causing said the computer system to perform the steps of: 

(a) pre-allocating one or more segments in the memory for at least a 
in said data portion of the application program ; 

(b) inserting tables in said data portion s e gm e nts ; 

(c) building the e x e cuting said application program on said computer 
system using an op e rating system, said application program produc e d by: 

(cl) linking via a program code linker one or more 
relocatable object modules with one or more libraries and other object modules to 
form an intermediate executable module, said relocatable object modules being 
pre-compiled, and said libraries and said other object modules comprising 
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including relocation data, said program code linker operable to output said 
relocation data; 

(c2) selecting addresses of portions of said libraries and said 
other object modules linked to said intermediate executable module by examining 
during said linking step said relocation data output by said program code linker te 
d e t e rmin e s e l e ct e d addr e ss e s, said s e l e ct e d addr e ss e s corr e sponding to addr e ss 
locations in said s e gm e nts, ; 

(c3) storing said selected addresses in said tables^; 

(c4) storing a default address of a selected subprogram of said 
intermediate executable module in said data portion^; and A 

(c5) loading said libraries and said other object modules to 
transform said intermediate executable module into said the application program 
e x e cutabl e by said comput e r syst e m ; 

(d) modifying one or more portions of said s e gm e nts data portion by 

encryption; 

(o) executing the application program under the operating system, 
said tables being retained in said data portion during said application program 
execution; 

(f) (e) determining a reference address associated with said selected 
subprogram at run-time of said the application program; 

(g) (f) comparing said reference address with said default address; 
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and 

(h) (g) executing a security application or module to verify the 
integrity of the application program at addresses determined from d e t e rmin e said 
int e grity of said application program bas e d on said reference address and said 
selected addresses in said tables. 

Claim 26 (Currently amended): The computer medium of claim 25, 
wherein the computer-executable instructions cause the computer system is caused 
to prevent said m e thod pr e v e nts access to encryption keys associated with said the 
application program. 

Claim 27 (Currently amended): The computer medium of claim 25, 
wherein said step of modifying one or more portions of said segments by 
encryption compris e s th e st e p includes the steps of: 

(a) adding or subtracting an offset value to memory locations of said 
selected addresses in the encrypted object; 

(b) performing decryption; and 

(c) adding or subtracting said offset value to said memory locations 
of said selected addresses after decryption. 
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Claim 28 (New): The method of claim 11, wherein said security algorithm 
includes a checksum computing algorithm. 

Claim 29 (New): The method of claim 11, wherein said security algorithm 
includes a decryption algorithm. 
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